Merge branch 'ka/want-ref-in-namespace'

"git upload-pack" which runs on the other side of "git fetch"
forgot to take the ref namespaces into account when handling
want-ref requests.

* ka/want-ref-in-namespace:
  docs: clarify the interaction of transfer.hideRefs and namespaces
  upload-pack.c: treat want-ref relative to namespace
  t5730: introduce fetch command helper
This commit is contained in:
Junio C Hamano 2021-09-10 11:46:20 -07:00
commit 1ab13eb973
3 changed files with 192 additions and 48 deletions

View File

@ -52,13 +52,17 @@ If you have multiple hideRefs values, later entries override earlier ones
(and entries in more-specific config files override less-specific ones).
+
If a namespace is in use, the namespace prefix is stripped from each
reference before it is matched against `transfer.hiderefs` patterns.
reference before it is matched against `transfer.hiderefs` patterns. In
order to match refs before stripping, add a `^` in front of the ref name. If
you combine `!` and `^`, `!` must be specified first.
+
For example, if `refs/heads/master` is specified in `transfer.hideRefs` and
the current namespace is `foo`, then `refs/namespaces/foo/refs/heads/master`
is omitted from the advertisements but `refs/heads/master` and
`refs/namespaces/bar/refs/heads/master` are still advertised as so-called
"have" lines. In order to match refs before stripping, add a `^` in front of
the ref name. If you combine `!` and `^`, `!` must be specified first.
is omitted from the advertisements. If `uploadpack.allowRefInWant` is set,
`upload-pack` will treat `want-ref refs/heads/master` in a protocol v2
`fetch` command as if `refs/namespaces/foo/refs/heads/master` did not exist.
`receive-pack`, on the other hand, will still advertise the object id the
ref is pointing to without mentioning its name (a so-called ".have" line).
+
Even if you hide refs, a client may still be able to steal the target
objects via the techniques described in the "SECURITY" section of the

View File

@ -40,6 +40,30 @@ write_command () {
fi
}
# Write a complete fetch command to stdout, suitable for use with `test-tool
# pkt-line`. "want-ref", "want", and "have" lines are read from stdin.
#
# Examples:
#
# write_fetch_command <<-EOF
# want-ref refs/heads/main
# have $(git rev-parse a)
# EOF
#
# write_fetch_command <<-EOF
# want $(git rev-parse b)
# have $(git rev-parse a)
# EOF
#
write_fetch_command () {
write_command fetch &&
echo "0001" &&
echo "no-progress" &&
cat &&
echo "done" &&
echo "0000"
}
# c(o/foo) d(o/bar)
# \ /
# b e(baz) f(main)
@ -77,15 +101,11 @@ test_expect_success 'config controls ref-in-want advertisement' '
'
test_expect_success 'invalid want-ref line' '
test-tool pkt-line pack >in <<-EOF &&
$(write_command fetch)
0001
no-progress
write_fetch_command >pkt <<-EOF &&
want-ref refs/heads/non-existent
done
0000
EOF
test-tool pkt-line pack <pkt >in &&
test_must_fail test-tool serve-v2 --stateless-rpc 2>out <in &&
grep "unknown ref" out
'
@ -97,16 +117,11 @@ test_expect_success 'basic want-ref' '
EOF
git rev-parse f >expected_commits &&
oid=$(git rev-parse a) &&
test-tool pkt-line pack >in <<-EOF &&
$(write_command fetch)
0001
no-progress
write_fetch_command >pkt <<-EOF &&
want-ref refs/heads/main
have $oid
done
0000
have $(git rev-parse a)
EOF
test-tool pkt-line pack <pkt >in &&
test-tool serve-v2 --stateless-rpc >out <in &&
check_output
@ -121,17 +136,12 @@ test_expect_success 'multiple want-ref lines' '
EOF
git rev-parse c d >expected_commits &&
oid=$(git rev-parse b) &&
test-tool pkt-line pack >in <<-EOF &&
$(write_command fetch)
0001
no-progress
write_fetch_command >pkt <<-EOF &&
want-ref refs/heads/o/foo
want-ref refs/heads/o/bar
have $oid
done
0000
have $(git rev-parse b)
EOF
test-tool pkt-line pack <pkt >in &&
test-tool serve-v2 --stateless-rpc >out <in &&
check_output
@ -144,16 +154,12 @@ test_expect_success 'mix want and want-ref' '
EOF
git rev-parse e f >expected_commits &&
test-tool pkt-line pack >in <<-EOF &&
$(write_command fetch)
0001
no-progress
write_fetch_command >pkt <<-EOF &&
want-ref refs/heads/main
want $(git rev-parse e)
have $(git rev-parse a)
done
0000
EOF
test-tool pkt-line pack <pkt >in &&
test-tool serve-v2 --stateless-rpc >out <in &&
check_output
@ -166,16 +172,11 @@ test_expect_success 'want-ref with ref we already have commit for' '
EOF
>expected_commits &&
oid=$(git rev-parse c) &&
test-tool pkt-line pack >in <<-EOF &&
$(write_command fetch)
0001
no-progress
write_fetch_command >pkt <<-EOF &&
want-ref refs/heads/o/foo
have $oid
done
0000
have $(git rev-parse c)
EOF
test-tool pkt-line pack <pkt >in &&
test-tool serve-v2 --stateless-rpc >out <in &&
check_output
@ -298,6 +299,141 @@ test_expect_success 'fetching with wildcard that matches multiple refs' '
grep "want-ref refs/heads/o/bar" log
'
REPO="$(pwd)/repo-ns"
test_expect_success 'setup namespaced repo' '
(
git init -b main "$REPO" &&
cd "$REPO" &&
test_commit a &&
test_commit b &&
git checkout a &&
test_commit c &&
git checkout a &&
test_commit d &&
git update-ref refs/heads/ns-no b &&
git update-ref refs/namespaces/ns/refs/heads/ns-yes c &&
git update-ref refs/namespaces/ns/refs/heads/hidden d
) &&
git -C "$REPO" config uploadpack.allowRefInWant true
'
test_expect_success 'with namespace: want-ref is considered relative to namespace' '
wanted_ref=refs/heads/ns-yes &&
oid=$(git -C "$REPO" rev-parse "refs/namespaces/ns/$wanted_ref") &&
cat >expected_refs <<-EOF &&
$oid $wanted_ref
EOF
cat >expected_commits <<-EOF &&
$oid
$(git -C "$REPO" rev-parse a)
EOF
write_fetch_command >pkt <<-EOF &&
want-ref $wanted_ref
EOF
test-tool pkt-line pack <pkt >in &&
GIT_NAMESPACE=ns test-tool -C "$REPO" serve-v2 --stateless-rpc >out <in &&
check_output
'
test_expect_success 'with namespace: want-ref outside namespace is unknown' '
wanted_ref=refs/heads/ns-no &&
write_fetch_command >pkt <<-EOF &&
want-ref $wanted_ref
EOF
test-tool pkt-line pack <pkt >in &&
test_must_fail env GIT_NAMESPACE=ns \
test-tool -C "$REPO" serve-v2 --stateless-rpc >out <in &&
grep "unknown ref" out
'
# Cross-check refs/heads/ns-no indeed exists
test_expect_success 'without namespace: want-ref outside namespace succeeds' '
wanted_ref=refs/heads/ns-no &&
oid=$(git -C "$REPO" rev-parse $wanted_ref) &&
cat >expected_refs <<-EOF &&
$oid $wanted_ref
EOF
cat >expected_commits <<-EOF &&
$oid
$(git -C "$REPO" rev-parse a)
EOF
write_fetch_command >pkt <<-EOF &&
want-ref $wanted_ref
EOF
test-tool pkt-line pack <pkt >in &&
test-tool -C "$REPO" serve-v2 --stateless-rpc >out <in &&
check_output
'
test_expect_success 'with namespace: hideRefs is matched, relative to namespace' '
wanted_ref=refs/heads/hidden &&
git -C "$REPO" config transfer.hideRefs $wanted_ref &&
write_fetch_command >pkt <<-EOF &&
want-ref $wanted_ref
EOF
test-tool pkt-line pack <pkt >in &&
test_must_fail env GIT_NAMESPACE=ns \
test-tool -C "$REPO" serve-v2 --stateless-rpc >out <in &&
grep "unknown ref" out
'
# Cross-check refs/heads/hidden indeed exists
test_expect_success 'with namespace: want-ref succeeds if hideRefs is removed' '
wanted_ref=refs/heads/hidden &&
git -C "$REPO" config --unset transfer.hideRefs $wanted_ref &&
oid=$(git -C "$REPO" rev-parse "refs/namespaces/ns/$wanted_ref") &&
cat >expected_refs <<-EOF &&
$oid $wanted_ref
EOF
cat >expected_commits <<-EOF &&
$oid
$(git -C "$REPO" rev-parse a)
EOF
write_fetch_command >pkt <<-EOF &&
want-ref $wanted_ref
EOF
test-tool pkt-line pack <pkt >in &&
GIT_NAMESPACE=ns test-tool -C "$REPO" serve-v2 --stateless-rpc >out <in &&
check_output
'
test_expect_success 'without namespace: relative hideRefs does not match' '
wanted_ref=refs/namespaces/ns/refs/heads/hidden &&
git -C "$REPO" config transfer.hideRefs refs/heads/hidden &&
oid=$(git -C "$REPO" rev-parse $wanted_ref) &&
cat >expected_refs <<-EOF &&
$oid $wanted_ref
EOF
cat >expected_commits <<-EOF &&
$oid
$(git -C "$REPO" rev-parse a)
EOF
write_fetch_command >pkt <<-EOF &&
want-ref $wanted_ref
EOF
test-tool pkt-line pack <pkt >in &&
test-tool -C "$REPO" serve-v2 --stateless-rpc >out <in &&
check_output
'
. "$TEST_DIRECTORY"/lib-httpd.sh
start_httpd

View File

@ -1417,21 +1417,25 @@ static int parse_want_ref(struct packet_writer *writer, const char *line,
struct string_list *wanted_refs,
struct object_array *want_obj)
{
const char *arg;
if (skip_prefix(line, "want-ref ", &arg)) {
const char *refname_nons;
if (skip_prefix(line, "want-ref ", &refname_nons)) {
struct object_id oid;
struct string_list_item *item;
struct object *o;
struct strbuf refname = STRBUF_INIT;
if (read_ref(arg, &oid)) {
packet_writer_error(writer, "unknown ref %s", arg);
die("unknown ref %s", arg);
strbuf_addf(&refname, "%s%s", get_git_namespace(), refname_nons);
if (ref_is_hidden(refname_nons, refname.buf) ||
read_ref(refname.buf, &oid)) {
packet_writer_error(writer, "unknown ref %s", refname_nons);
die("unknown ref %s", refname_nons);
}
strbuf_release(&refname);
item = string_list_append(wanted_refs, arg);
item = string_list_append(wanted_refs, refname_nons);
item->util = oiddup(&oid);
o = parse_object_or_die(&oid, arg);
o = parse_object_or_die(&oid, refname_nons);
if (!(o->flags & WANTED)) {
o->flags |= WANTED;
add_object_array(o, NULL, want_obj);